CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

Github Security Blog•added 2026/05/04 8:22 p.m.•6 views

OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

Summary MCP loopback owner context is derived from server-issued bearer tokens. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact The loopback MCP path accepted spoofable owner-context metadata from request headers, which could...

8.5CVSS5.8AI score0.00012EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by